By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,354 Members | 1,042 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,354 IT Pros & Developers. It's quick & easy.

Consuming WebService using SSL and Authenticated with X509 Certifi

P: n/a
My company has a Webservice that is currently running in production. It is
secured using SSL and clients are authenticated using X509 certificates.

I am able to consume the Webservice methods in a Framework 2.0 c# Forms
based application where I instantiate the X509 Certificate by pointing to the
certificate file and passing the password:

//====================
X509Certificate cert = new X509Certificate(this.tbCertFilePath.Text,
this.tbCertificatePassword.Text);

myWebService.ClientCertificates.Add(cert);
string k = myWebService.GetMyDataByYear(2004);
//====================

However, we are trying to instantiate the X509 Certificate using the
LocalMachineStore in a Framework 2.0 c# Web App:

//====================
X509CertificateStore store;
store = X509CertificateStore.LocalMachineStore(X509Certifi cateStore.MyStore);
byte[] certHash = new byte[]{0x28, 0x83, 0xf0, ...};

bool open = store.OpenRead();
Microsoft.Web.Services2.Security.X509.X509Certific ateCollection certs =
store.FindCertificateByHash(certHash);
Microsoft.Web.Services2.Security.X509.X509Certific ate cert = certs[0];

myWebService.ClientCertificates.Add(cert);
string k = myWebService.GetMyDataByYear(2004);
//====================
I am able to verify that the X509 Certificate is in fact being retrieved and
is being placed in the myWebService.ClientCertificates collection. The
problem occurs when I try to consume the Webservice. I am getting the
following exceptions:
[SocketException (0x274d): No connection could be made because the target
machine actively refused it]
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot,
SocketAddress socketAddress) +1002146
System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) +33
System.Net.ServicePoint.ConnectSocketInternal(Bool ean connectFailure,
Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState
state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) +431

[WebException: Unable to connect to the remote server]
System.Net.HttpWebRequest.GetRequestStream() +1504525
System.Web.Services.Protocols.SoapHttpClientProtoc ol.Invoke(String
methodName, Object[] parameters) +103
DbTest.com.WebServerName.GlobalOrganizerXML.GetAss igneeList(Int32
taxYear) in d:\webapps\DbTest\App_Code\GlobalOrganizerXML.cs:7 9
DbTest.WebForm1.Page_Load(Object sender, EventArgs e) in
d:\webapps\DbTest\WebForm1.aspx.cs:65
System.Web.Util.CalliHelper.EventArgFunctionCaller (IntPtr fp, Object o,
Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegateProxy.Cal lback(Object sender,
EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061
--Thanks in advance
Aug 29 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
[SocketException (0x274d): No connection could be made because the target
machine actively refused it]
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot,
SocketAddress socketAddress) +1002146
System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) +33
System.Net.ServicePoint.ConnectSocketInternal(Bool ean connectFailure,
Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState
state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) +431

[WebException: Unable to connect to the remote server]
System.Net.HttpWebRequest.GetRequestStream() +1504525
System.Web.Services.Protocols.SoapHttpClientProtoc ol.Invoke(String
methodName, Object[] parameters) +103
DbTest.com.WebServerName.GlobalOrganizerXML.GetAss igneeList(Int32
taxYear) in d:\webapps\DbTest\App_Code\GlobalOrganizerXML.cs:7 9
DbTest.WebForm1.Page_Load(Object sender, EventArgs e) in
d:\webapps\DbTest\WebForm1.aspx.cs:65
System.Web.Util.CalliHelper.EventArgFunctionCaller (IntPtr fp, Object o,
Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegateProxy.Cal lback(Object sender,
EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061
--Thanks in advance
Does the second certificate has associated private key? You could use
certificate for SSL authentication only if you have both private and
public keys.
So check certificate private key by MMC console, or check certificate
instance loaded with code line

Microsoft.Web.Services2.Security.X509.X509Certific ate cert = certs[0];

in your example if "cert.Key != null".

Zdenek D.
Aug 31 '06 #2

P: n/a
I think when you Open the store you need to specify MaxAllowed as a
parameter.

Best regards
Kay
"David G" <David G@discussions.microsoft.comwrote in message
news:5B**********************************@microsof t.com...
My company has a Webservice that is currently running in production. It
is
secured using SSL and clients are authenticated using X509 certificates.

I am able to consume the Webservice methods in a Framework 2.0 c# Forms
based application where I instantiate the X509 Certificate by pointing to
the
certificate file and passing the password:

//====================
X509Certificate cert = new X509Certificate(this.tbCertFilePath.Text,
this.tbCertificatePassword.Text);

myWebService.ClientCertificates.Add(cert);
string k = myWebService.GetMyDataByYear(2004);
//====================

However, we are trying to instantiate the X509 Certificate using the
LocalMachineStore in a Framework 2.0 c# Web App:

//====================
X509CertificateStore store;
store =
X509CertificateStore.LocalMachineStore(X509Certifi cateStore.MyStore);
byte[] certHash = new byte[]{0x28, 0x83, 0xf0, ...};

bool open = store.OpenRead();
Microsoft.Web.Services2.Security.X509.X509Certific ateCollection certs =
store.FindCertificateByHash(certHash);
Microsoft.Web.Services2.Security.X509.X509Certific ate cert = certs[0];

myWebService.ClientCertificates.Add(cert);
string k = myWebService.GetMyDataByYear(2004);
//====================
I am able to verify that the X509 Certificate is in fact being retrieved
and
is being placed in the myWebService.ClientCertificates collection. The
problem occurs when I try to consume the Webservice. I am getting the
following exceptions:
[SocketException (0x274d): No connection could be made because the target
machine actively refused it]
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot,
SocketAddress socketAddress) +1002146
System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) +33
System.Net.ServicePoint.ConnectSocketInternal(Bool ean connectFailure,
Socket s4, Socket s6, Socket& socket, IPAddress& address,
ConnectSocketState
state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) +431

[WebException: Unable to connect to the remote server]
System.Net.HttpWebRequest.GetRequestStream() +1504525
System.Web.Services.Protocols.SoapHttpClientProtoc ol.Invoke(String
methodName, Object[] parameters) +103
DbTest.com.WebServerName.GlobalOrganizerXML.GetAss igneeList(Int32
taxYear) in d:\webapps\DbTest\App_Code\GlobalOrganizerXML.cs:7 9
DbTest.WebForm1.Page_Load(Object sender, EventArgs e) in
d:\webapps\DbTest\WebForm1.aspx.cs:65
System.Web.Util.CalliHelper.EventArgFunctionCaller (IntPtr fp, Object o,
Object t, EventArgs e) +15
System.Web.Util.CalliEventHandlerDelegateProxy.Cal lback(Object sender,
EventArgs e) +34
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +47
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061
--Thanks in advance

Sep 1 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.